26d1d0a3a382a95805f4709b4f810566 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26d1d0a3a382a95805f4709b4f810566
Size

110KB
MD5

26d1d0a3a382a95805f4709b4f810566
SHA1

5c68b3b9493a803b353fd65c428876ed5df0b8dc
SHA256

4e3f375b10fb6f40e77ff6afe7d26a1680daba31b37082c0ee7fc7f24c7f9f6d
SHA512

5caf6e1bd9543dac577e2f4f19abcea3f8eb8be3bf6c28ba23ddbae4083d54f1f2e107cdc3a82d9efdc826a71bafda2f731e6ef5a286b893340f933dc8bd00b6
SSDEEP

1536:+I3uqtcm0VAoe7ULYSXxDOKFXvm5upXfCRU4Be:73ZtcRKoe7ULYcvmIpXfOBe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26d1d0a3a382a95805f4709b4f810566

Files

26d1d0a3a382a95805f4709b4f810566
.exe windows:4 windows x86 arch:x86

c4eed0f9fe1b5373666849834ca47a89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsContentTypeA
SHQueryInfoKeyA
PathFileExistsA

comctl32

ImageList_GetBkColor
ImageList_DragShowNolock

kernel32

GetCommandLineA
LoadLibraryExA
GlobalAlloc
GetCPInfo
lstrlenA
ExitProcess
GetTickCount
GetStdHandle
HeapDestroy
GetEnvironmentStrings
GetLastError
VirtualAllocEx
MoveFileA
GetModuleHandleA
GetVersionExA
GetProcAddress
SetHandleCount

user32

CharNextW
SetParent
TrackPopupMenu
AdjustWindowRectEx
GetClipboardData
GetWindowRect
IsZoomed
RemoveMenu
InflateRect
GetSysColorBrush
WaitMessage
CharUpperBuffA
GetCursorPos
GetCursor
IsWindowEnabled
DestroyIcon
DispatchMessageW
LoadIconA
GetActiveWindow
BeginPaint
ScreenToClient
LoadCursorA

advapi32

RegQueryInfoKeyA

gdi32

SaveDC
GetDCOrgEx

shell32

SHGetDesktopFolder
DragQueryFileA
Shell_NotifyIconA

version

GetFileVersionInfoSizeA
VerInstallFileA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE